About 15 to 20 mobile phone makers have responded to the government’s directive to share information about security measures they have taken to ensure that user data is not compromised, a top official said today. “We have so far asked 36 companies. Till about 15 to 20 companies have responded. Some companies asked for more time which we have given,” Ajay Kumar, Additional Secretary, Union Ministry of Electronics and Information Technology, told reporters. The government would like to understand what security measures the companies are taking to make sure that user data is not leaked, he said. “Based on what information they give, we will examine it and inform them if there are any concerns,” the senior bureaucrat said.
Replying to a query, Kumar said there are reports that data was getting leaked from certain phones. “There are reports that certain phones are leaking data which is going to third country servers or third party servers which are not authorised. If that is the case, we do not want that to happen,” he said.
The Centre had sent notices to mobile phone makers of China and other countries to provide information about the procedures followed by them for data security.
As many as 21 phone makers, including leading Chinese brands Vivo, Oppo, Xiaomi and Gionee, were asked to give a “detailed, structured written response” on how they secure data and ensure its safety and security, as per a government order issued last month. Kumar, who was speaking at the launch of a firm ‘Homeland Security Solutions’ by city-based company E2LABS, said India is the fastest digitising country in the world today. Maintaining that the government is taking all required steps to make sure that the cyber ecosystem is secure, he noted that all ministries have been advised to spend 10 per cent of their IT budget on cyber security. Earlier, there was no such practice of earmarking a specific expenditure on cyber security, he said.
All ministries and all government organisations have also been advised to appoint a chief information security officer, Kumar said. The government is collaborating with industry to share information on cyber security, he said. “We are also converting the best cyber forensic labs into what is called examiner of electronic evidence under the IT Act. These labs would then be competent to give forensic evidence before a court of law…Today, it is difficult to prove cyber evidence before a court of law,” the official said. He also said services of an estimated two million people would be required in the cyber security area, both in the government and in industry. Engineering colleges need to collectively work on this, and the Ministry, on its part, is conducting an information security education and awareness programme as academic course, he added.